net/http/http_auth_handler_negotiate.cc - Issue 1128043007: Support Kerberos on Android

Side by Side Diff: net/http/http_auth_handler_negotiate.cc

Issue 1128043007: Support Kerberos on Android (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix Android GN build Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« net/http/http_auth_handler_negotiate.h ('K') | « net/http/http_auth_handler_negotiate.h ('k') | net/http/http_auth_handler_negotiate_parse.h » ('j') | net/http/http_auth_handler_negotiate_parse.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/http/http_auth_handler_negotiate.h"	5 #include "net/http/http_auth_handler_negotiate.h"

6	6

7 #include "base/bind.h"	7 #include "base/bind.h"

8 #include "base/bind_helpers.h"	8 #include "base/bind_helpers.h"

9 #include "base/logging.h"	9 #include "base/logging.h"

10 #include "base/strings/stringprintf.h"	10 #include "base/strings/stringprintf.h"

(...skipping 47 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
58 // TODO(cbentzel): Move towards model of parsing in the factory	58 // TODO(cbentzel): Move towards model of parsing in the factory

59 // method and only constructing when valid.	59 // method and only constructing when valid.

60 scoped_ptr<HttpAuthHandler> tmp_handler(	60 scoped_ptr<HttpAuthHandler> tmp_handler(

61 new HttpAuthHandlerNegotiate(auth_library_.get(), max_token_length_,	61 new HttpAuthHandlerNegotiate(auth_library_.get(), max_token_length_,

62 url_security_manager(), resolver_,	62 url_security_manager(), resolver_,

63 disable_cname_lookup_, use_port_));	63 disable_cname_lookup_, use_port_));

64 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))	64 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))

65 return ERR_INVALID_RESPONSE;	65 return ERR_INVALID_RESPONSE;

66 handler->swap(tmp_handler);	66 handler->swap(tmp_handler);

67 return OK;	67 return OK;

	68 #elif defined(OS_ANDROID)

	69 if (is_unsupported_ \|\| account_type_.empty())
	cbentzel 2015/06/30 12:53:55 TODO(cbentzel): Should CREATE_PREEMPTIVE be checke TODO(cbentzel): Should CREATE_PREEMPTIVE be checked? aberent 2015/07/02 21:13:36 Done. Show quoted text On 2015/06/30 12:53:55, cbentzel wrote: > TODO(cbentzel): Should CREATE_PREEMPTIVE be checked? Done.
	70 return ERR_UNSUPPORTED_AUTH_SCHEME;

	71 // TODO(cbentzel): Move towards model of parsing in the factory

	72 // method and only constructing when valid.

	73 scoped_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerNegotiate(

	74 account_type_, url_security_manager(), resolver_, disable_cname_lookup_,

	75 use_port_));

	76 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))
	cbentzel 2015/06/30 12:53:55 These last four lines are repeated across all thre These last four lines are repeated across all three sections, perhaps it could be moved into a common location. aberent 2015/07/02 21:13:36 Done. Show quoted text On 2015/06/30 12:53:55, cbentzel wrote: > These last four lines are repeated across all three sections, perhaps it could > be moved into a common location. Done.
	77 return ERR_INVALID_RESPONSE;

	78 handler->swap(tmp_handler);

	79 return OK;

	80
	cbentzel 2015/06/30 12:53:55 Nit: remove extra line Nit: remove extra line aberent 2015/07/02 21:13:36 Done. Show quoted text On 2015/06/30 12:53:55, cbentzel wrote: > Nit: remove extra line Done.
68 #elif defined(OS_POSIX)	81 #elif defined(OS_POSIX)

69 if (is_unsupported_)	82 if (is_unsupported_)

70 return ERR_UNSUPPORTED_AUTH_SCHEME;	83 return ERR_UNSUPPORTED_AUTH_SCHEME;

71 if (!auth_library_->Init()) {	84 if (!auth_library_->Init()) {

72 is_unsupported_ = true;	85 is_unsupported_ = true;

73 return ERR_UNSUPPORTED_AUTH_SCHEME;	86 return ERR_UNSUPPORTED_AUTH_SCHEME;

74 }	87 }

75 // TODO(ahendrickson): Move towards model of parsing in the factory	88 // TODO(ahendrickson): Move towards model of parsing in the factory

76 // method and only constructing when valid.	89 // method and only constructing when valid.

77 scoped_ptr<HttpAuthHandler> tmp_handler(	90 scoped_ptr<HttpAuthHandler> tmp_handler(

78 new HttpAuthHandlerNegotiate(auth_library_.get(), url_security_manager(),	91 new HttpAuthHandlerNegotiate(auth_library_.get(), url_security_manager(),

79 resolver_, disable_cname_lookup_,	92 resolver_, disable_cname_lookup_,

80 use_port_));	93 use_port_));

81 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))	94 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))

82 return ERR_INVALID_RESPONSE;	95 return ERR_INVALID_RESPONSE;

83 handler->swap(tmp_handler);	96 handler->swap(tmp_handler);

84 return OK;	97 return OK;

85 #endif	98 #endif

86 }	99 }

87	100

88 HttpAuthHandlerNegotiate::HttpAuthHandlerNegotiate(	101 HttpAuthHandlerNegotiate::HttpAuthHandlerNegotiate(

	102 #if defined(OS_ANDROID)

	103 std::string account_type,

	104 #endif

	105 #if defined(OS_WIN) \|\| (defined(OS_POSIX) && !defined(OS_ANDROID))

89 AuthLibrary* auth_library,	106 AuthLibrary* auth_library,

	107 #endif

90 #if defined(OS_WIN)	108 #if defined(OS_WIN)

91 ULONG max_token_length,	109 ULONG max_token_length,

92 #endif	110 #endif

93 URLSecurityManager* url_security_manager,	111 URLSecurityManager* url_security_manager,

94 HostResolver* resolver,	112 HostResolver* resolver,

95 bool disable_cname_lookup,	113 bool disable_cname_lookup,

96 bool use_port)	114 bool use_port)

97 #if defined(OS_WIN)	115 #if defined(OS_ANDROID)

	116 : auth_system_(account_type),

	117 #elif defined(OS_WIN)

98 : auth_system_(auth_library, "Negotiate", NEGOSSP_NAME, max_token_length),	118 : auth_system_(auth_library, "Negotiate", NEGOSSP_NAME, max_token_length),

99 #elif defined(OS_POSIX)	119 #elif defined(OS_POSIX)

100 : auth_system_(auth_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC),	120 : auth_system_(auth_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC),

101 #endif	121 #endif

102 disable_cname_lookup_(disable_cname_lookup),	122 disable_cname_lookup_(disable_cname_lookup),

103 use_port_(use_port),	123 use_port_(use_port),

104 resolver_(resolver),	124 resolver_(resolver),

105 already_called_(false),	125 already_called_(false),

106 has_credentials_(false),	126 has_credentials_(false),

107 auth_token_(NULL),	127 auth_token_(NULL),

(...skipping 200 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
308	328

309 next_state_ = STATE_GENERATE_AUTH_TOKEN;	329 next_state_ = STATE_GENERATE_AUTH_TOKEN;

310 spn_ = CreateSPN(address_list_, origin_);	330 spn_ = CreateSPN(address_list_, origin_);

311 address_list_ = AddressList();	331 address_list_ = AddressList();

312 return rv;	332 return rv;

313 }	333 }

314	334

315 int HttpAuthHandlerNegotiate::DoGenerateAuthToken() {	335 int HttpAuthHandlerNegotiate::DoGenerateAuthToken() {

316 next_state_ = STATE_GENERATE_AUTH_TOKEN_COMPLETE;	336 next_state_ = STATE_GENERATE_AUTH_TOKEN_COMPLETE;

317 AuthCredentials* credentials = has_credentials_ ? &credentials_ : NULL;	337 AuthCredentials* credentials = has_credentials_ ? &credentials_ : NULL;

318 // TODO(cbentzel): This should possibly be done async.	338 return auth_system_.GenerateAuthToken(

319 return auth_system_.GenerateAuthToken(credentials, spn_, auth_token_);	339 credentials, spn_, auth_token_,

	340 base::Bind(&HttpAuthHandlerNegotiate::OnIOComplete,

	341 base::Unretained(this)));

320 }	342 }

321	343

322 int HttpAuthHandlerNegotiate::DoGenerateAuthTokenComplete(int rv) {	344 int HttpAuthHandlerNegotiate::DoGenerateAuthTokenComplete(int rv) {

323 DCHECK_NE(ERR_IO_PENDING, rv);	345 DCHECK_NE(ERR_IO_PENDING, rv);

324 auth_token_ = NULL;	346 auth_token_ = NULL;

325 return rv;	347 return rv;

326 }	348 }

327	349

328 bool HttpAuthHandlerNegotiate::CanDelegate() const {	350 bool HttpAuthHandlerNegotiate::CanDelegate() const {

329 // TODO(cbentzel): Should delegation be allowed on proxies?	351 // TODO(cbentzel): Should delegation be allowed on proxies?

330 if (target_ == HttpAuth::AUTH_PROXY)	352 if (target_ == HttpAuth::AUTH_PROXY)

331 return false;	353 return false;

332 if (!url_security_manager_)	354 if (!url_security_manager_)

333 return false;	355 return false;

334 return url_security_manager_->CanDelegate(origin_);	356 return url_security_manager_->CanDelegate(origin_);

335 }	357 }

336	358

337 } // namespace net	359 } // namespace net

OLD	NEW